mirror of
				https://github.com/phpbb/phpbb.git
				synced 2025-10-25 13:46:50 +02:00 
			
		
		
		
	[ticket/16655] Add support for custom error message when exceeding attempts
PHPBB3-16655
This commit is contained in:
		| @@ -44,10 +44,11 @@ $lang = array_merge($lang, [ | |||||||
| 	'CAPTCHA_RECAPTCHA'				=> 'reCaptcha v2', | 	'CAPTCHA_RECAPTCHA'				=> 'reCaptcha v2', | ||||||
| 	'CAPTCHA_RECAPTCHA_V3'			=> 'reCaptcha v3', | 	'CAPTCHA_RECAPTCHA_V3'			=> 'reCaptcha v3', | ||||||
|  |  | ||||||
| 	'RECAPTCHA_INCORRECT'			=> 'The solution you provided was incorrect', | 	'RECAPTCHA_INCORRECT'				=> 'The solution you provided was incorrect', | ||||||
| 	'RECAPTCHA_NOSCRIPT'			=> 'Please enable JavaScript in your browser to load the challenge.', | 	'RECAPTCHA_NOSCRIPT'				=> 'Please enable JavaScript in your browser to load the challenge.', | ||||||
| 	'RECAPTCHA_NOT_AVAILABLE'		=> 'In order to use reCaptcha, you must create an account on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>.', | 	'RECAPTCHA_NOT_AVAILABLE'			=> 'In order to use reCaptcha, you must create an account on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>.', | ||||||
| 	'RECAPTCHA_INVISIBLE'			=> 'This CAPTCHA is actually invisible. To verify that it works, a small icon should appear in right bottom corner of this page.', | 	'RECAPTCHA_INVISIBLE'				=> 'This CAPTCHA is actually invisible. To verify that it works, a small icon should appear in right bottom corner of this page.', | ||||||
|  | 	'RECAPTCHA_V3_LOGIN_ERROR_ATTEMPTS'	=> 'You have exceeded the maximum number of login attempts allowed.<br>In addition to your username and password the invisible reCAPTCHA v3 will be used to authenticate your session.', | ||||||
|  |  | ||||||
| 	'RECAPTCHA_PUBLIC'				=> 'Site key', | 	'RECAPTCHA_PUBLIC'				=> 'Site key', | ||||||
| 	'RECAPTCHA_PUBLIC_EXPLAIN'		=> 'Your site reCAPTCHA key. Keys can be obtained on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>. Please, use reCAPTCHA v2 > Invisible reCAPTCHA badge type.', | 	'RECAPTCHA_PUBLIC_EXPLAIN'		=> 'Your site reCAPTCHA key. Keys can be obtained on <a href="https://www.google.com/recaptcha">www.google.com/recaptcha</a>. Please, use reCAPTCHA v2 > Invisible reCAPTCHA badge type.', | ||||||
|   | |||||||
| @@ -14,6 +14,7 @@ | |||||||
| namespace phpbb\auth\provider; | namespace phpbb\auth\provider; | ||||||
|  |  | ||||||
| use phpbb\captcha\factory; | use phpbb\captcha\factory; | ||||||
|  | use phpbb\captcha\plugins\captcha_abstract; | ||||||
| use phpbb\config\config; | use phpbb\config\config; | ||||||
| use phpbb\db\driver\driver_interface; | use phpbb\db\driver\driver_interface; | ||||||
| use phpbb\passwords\manager; | use phpbb\passwords\manager; | ||||||
| @@ -151,13 +152,27 @@ class db extends base | |||||||
| 			$attempts = 0; | 			$attempts = 0; | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | 		$login_error_attempts = 'LOGIN_ERROR_ATTEMPTS'; | ||||||
|  | 		$show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || | ||||||
|  | 			($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); | ||||||
|  | 		if ($show_captcha) | ||||||
|  | 		{ | ||||||
|  | 			$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']); | ||||||
|  |  | ||||||
|  | 			// Get custom message for login error when exceeding maximum number of attempts | ||||||
|  | 			if ($captcha instanceof captcha_abstract) | ||||||
|  | 			{ | ||||||
|  | 				$login_error_attempts = $captcha->get_login_error_attempts(); | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  |  | ||||||
| 		if (!$row) | 		if (!$row) | ||||||
| 		{ | 		{ | ||||||
| 			if ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']) | 			if ($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']) | ||||||
| 			{ | 			{ | ||||||
| 				return array( | 				return array( | ||||||
| 					'status'		=> LOGIN_ERROR_ATTEMPTS, | 					'status'		=> LOGIN_ERROR_ATTEMPTS, | ||||||
| 					'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS', | 					'error_msg'		=> $login_error_attempts, | ||||||
| 					'user_row'		=> array('user_id' => ANONYMOUS), | 					'user_row'		=> array('user_id' => ANONYMOUS), | ||||||
| 				); | 				); | ||||||
| 			} | 			} | ||||||
| @@ -169,21 +184,17 @@ class db extends base | |||||||
| 			); | 			); | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
| 		$show_captcha = ($this->config['max_login_attempts'] && $row['user_login_attempts'] >= $this->config['max_login_attempts']) || |  | ||||||
| 			($this->config['ip_login_limit_max'] && $attempts >= $this->config['ip_login_limit_max']); |  | ||||||
|  |  | ||||||
| 		// If there are too many login attempts, we need to check for a confirm image | 		// If there are too many login attempts, we need to check for a confirm image | ||||||
| 		// Every auth module is able to define what to do by itself... | 		// Every auth module is able to define what to do by itself... | ||||||
| 		if ($show_captcha) | 		if ($show_captcha) | ||||||
| 		{ | 		{ | ||||||
| 			$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']); |  | ||||||
| 			$captcha->init(CONFIRM_LOGIN); | 			$captcha->init(CONFIRM_LOGIN); | ||||||
| 			$vc_response = $captcha->validate($row); | 			$vc_response = $captcha->validate($row); | ||||||
| 			if ($vc_response) | 			if ($vc_response) | ||||||
| 			{ | 			{ | ||||||
| 				return array( | 				return array( | ||||||
| 					'status'		=> LOGIN_ERROR_ATTEMPTS, | 					'status'		=> LOGIN_ERROR_ATTEMPTS, | ||||||
| 					'error_msg'		=> 'LOGIN_ERROR_ATTEMPTS', | 					'error_msg'		=> $login_error_attempts, | ||||||
| 					'user_row'		=> $row, | 					'user_row'		=> $row, | ||||||
| 				); | 				); | ||||||
| 			} | 			} | ||||||
|   | |||||||
| @@ -387,4 +387,15 @@ abstract class captcha_abstract | |||||||
| 	* @return string the name of the class used to generate the captcha | 	* @return string the name of the class used to generate the captcha | ||||||
| 	*/ | 	*/ | ||||||
| 	abstract function get_generator_class(); | 	abstract function get_generator_class(); | ||||||
|  |  | ||||||
|  | 	/** | ||||||
|  | 	 * Get language variable for error message when CAPTCHA is being shown due | ||||||
|  | 	 * to exceeding the maximum number of login attempts | ||||||
|  | 	 * | ||||||
|  | 	 * @return string | ||||||
|  | 	 */ | ||||||
|  | 	public function get_login_error_attempts(): string | ||||||
|  | 	{ | ||||||
|  | 		return 'LOGIN_ERROR_ATTEMPTS'; | ||||||
|  | 	} | ||||||
| } | } | ||||||
|   | |||||||
| @@ -352,4 +352,16 @@ class recaptcha_v3 extends captcha_abstract | |||||||
|  |  | ||||||
| 		return $language->lang('RECAPTCHA_INCORRECT'); | 		return $language->lang('RECAPTCHA_INCORRECT'); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
|  | 	/** | ||||||
|  | 	 * {@inheritDoc} | ||||||
|  | 	 */ | ||||||
|  | 	public function get_login_error_attempts(): string | ||||||
|  | 	{ | ||||||
|  | 		global $language; | ||||||
|  |  | ||||||
|  | 		$language->add_lang('captcha_recaptcha'); | ||||||
|  |  | ||||||
|  | 		return 'RECAPTCHA_V3_LOGIN_ERROR_ATTEMPTS'; | ||||||
|  | 	} | ||||||
| } | } | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user